編集

次の方法で共有

Use the data ingestion benefit

  • [アーティクル]

When you enable Defender for Servers Plan 2 in Microsoft Defender for Cloud, you can take advantage of 500 MB of free data ingestion per day. Here's how it works.

  • Defender for Servers Plan 2 provides an allowance of 500 MB per node per day for specific security data types that are directly collected by Defender for Cloud.
  • Data ingestion is calculated per machine, per reported workspace, and per day.
  • Total daily free limit is equal to [number of machines] x 500 MB.
  • The allowance is a daily rate averaged across all machines.
  • You aren't charged extra if the total doesn't exceed your total daily free limit, even if some machines send 100 MB and others send 800 MB.
  • The benefit is granted to the Log Analytics workspace to which the machine reports.

Prerequisites

  • The benefit is available for every machine running the Azure Monitor agent (AMA) that's located in a subscription that has Defender for Servers Plan 2 enabled.
  • Defender for Servers Plan 2 must be specifically enabled on the workspace to which machines report.
  • If the machine reports to more than one workspace, the benefit is only granted to one of them.

The following subset of security data types are supported for the benefit:

Configure a workspace

Follow the instructions in the Azure Monitor documentation to create a Log Analytics workspace.

Enable Defender for Servers Plan 2 on the workspace

  1. In the Azure portal, search for and select Microsoft Defender for Cloud.

  2. In the Defender for Cloud menu, select Environment settings, and select the relevant workspace.

  3. Select the relevant workspace.

  4. Toggle the servers plan to On, and then select Save.

    Screenshot that shows the plan enablement page at the Log Analytics workspace level.

Note

If you want to disable Defender for Servers Plan 2 in the future, you need to explicitly disable the plan on any Log Analytics workspace that has it enabled.